Abstract — Renaming is a fundamental problem in distributed computing, which consists of a set of processes picking distinct names from a given namespace. The paper presents algorithms that solve order-preserving renaming in synchronous message passing systems with Byzantine processes. To the best of our knowledge, this work is the first to address order-preserving renaming in the given model. Although this problem can be solved by using consensus, it is known that renaming is "weaker" than consensus; therefore we are mainly concerned with the efficiency of performing renaming and make three contributions in this direction. We present an order-preserving renaming algorithm for N > 3t with target namespace of size N + t - 1 and logarithmic step complexity (where N is the number of processes and t is an upper bound on the number of faults). Similarly to the existing crash-tolerant solution, our algorithm employs ideas from the approximate agreement problem. We show that our algorithm has constant step complexity if N > t^2 + 2t and achieves a tight namespace of size N. Finally, we present an algorithm that solves order-preserving renaming in just 2 communication steps if N > 2t^2 + t.

I. Introduction 

Renaming is a fundamental problem in distributed computing, which can be informally described as follows: a set of processes {p_1, ..., p_N} with unique ids in the range [1, ..., N_max] must pick new names from a given range [1, ..., M], where M << N_max. The range of values to which new names belong is called the target namespace. In this work, we are interested in an order-preserving variant of the renaming problem that requires processes to preserve the order of their old names. This variant is interesting as it allows renaming to be used in settings where the original identifiers encode some additional information, such as, for instance, their relative priority in accessing a shared resource.

In this paper we address this problem in synchronous message-passing systems subject to Byzantine faults. In synchronous systems, order-preserving renaming has only been previously addressed for crash faults [14]. Adapting previous work to cope with Byzantine processes raises several interesting challenges. First, Byzantine nodes may lie about their ids, use different ids when communicating with different processes, and t faulty processes may even collude to create more than t ids, none of which can be identified as bogus by correct processes. Secondly, Byzantine processes can lie about the ids they have seen, sending contradictory information to different correct processes. This breaks the algorithms designed for crash faults [14] in different ways. Interestingly, some of the most "intuitive" approaches to tackle these challenges reveal themselves inadequate:

• One could consider using Reliable Broadcast [4] or consensus [11] to ensure that each process agrees on the same set of identifiers and, in this way, solve renaming, but these approaches have step complexity linear in the number of faults [4].

• There are techniques to translate a crash-tolerant algorithm into a Byzantine-tolerant algorithm [3], [13], but they have two main limitations. First, they blow up the message and step complexity because processes must broadcast (and echo) histories of previously received messages. Second, these techniques assume that, when a process receives a message, it knows the id of the sender. But with this knowledge it becomes trivial to solve the order-preserving renaming problem without any communication (just by sorting the set of ids and then choosing the rank of each id as the new name).

• Finally, the crash-tolerant algorithm by Okun [14] is based on running multiple instances of Approximate Agreement (AA) to agree on a rank for each id. One could consider that a Byzantine-tolerant version of that algorithm could be easily obtained just by replacing AA in [14] by some Byzantine-tolerant version of AA, such as [7]. In fact, Byzantine-tolerant AA guarantees that the outputs are within the range of values issued by the correct processes. Unfortunately, Byzantine nodes can cause correct processes to propose overlapping intervals of values for different instances of AA and, therefore, the outputs may not preserve the initial ordering.

This paper takes on the latter idea of using Byzantine-tolerant approximate agreement to solve order-preserving renaming. For this purpose, we introduce a 4-step id selection scheme that restricts the number of ids in the system, despite lies by Byzantine processes. Furthermore, to ensure that the AA outputs preserve the initial ordering, we propose a validation scheme that does not require additional messages, and thus does not have the overhead of [3], [13].

We then analyze the resulting algorithm when N is large compared to t. Along the lines of the work for crash faults reported in [1], we show that the AA-based approximation phase, and thus our algorithm, requires only a constant number of steps to converge when N > t^2 + 2t. Interestingly, in this case it also achieves a tight namespace of size N, because our id selection scheme ensures that Byzantine nodes are not able to introduce more than t identifiers.

Even in the favorable case above, the number of communication steps can be an impairment for time constrained applications. Therefore, we then address the challenge of performing order-preserving renaming in as few communication steps as possible. We show that, if the number of faults is bounded by N > 2t^2 + t, it can be solved in just 2 steps. This is done by having processes exchange their initial ids, perform one echoing step, and then use the numbers of echoes to calculate a new name.

Contributions 

To our knowledge, our work is the first to address the order- 
preserving renaming with Byzantine faults. Furthermore, our 
results also improve the existing work on non order-preserving 
renaming. Our main contributions can be summarized as 
follows (recall that N is the number of processes and t is 
an upper bound on the number of faults). 

Our first contribution is an algorithm that performs order-preserving renaming with optimal fault tolerance of N > 3t, has the same time and message complexity as the existing crash-tolerant solution [14], and is more efficient than the previous (non order-preserving) algorithm for the Byzantine model. Additionally, our algorithm presents an improvement on the namespace size, N + t - 1, compared to the previous result of 2N for non order-preserving renaming [15].

Our second contribution is to show that, if N > t^2 + 2t, our algorithm has constant step complexity and, interestingly, achieves the optimal namespace of size N.

Our last contribution consists in a fast algorithm for N > 2t^2 + t that employs only 2 communication steps and achieves a target namespace of size N^2.

All algorithms presented in this paper are deterministic. 

Paper Organization 

The remainder of this paper is organized as follows. In Section II we introduce the system model and formally define the problem addressed in this paper. In Section III we discuss the existing work. Section IV is dedicated to the order-preserving renaming algorithm for N > 3t. In Section V we analyze our algorithm and show that it performs strong renaming within a constant number of steps if N > t^2 + 2t. In Section VI we present a fast 2-step renaming algorithm. Finally, Section VII presents conclusions and outlines directions for future work.

II. Model and Problem Definition 

The processes are arranged in a synchronous network of an a priori known size N, in which each pair of processes is connected by a direct communication link. The communication between two processes is performed by message passing. The links of each process are labeled 1, ..., N, where the links 1, ..., N - 1 are to the remaining processes and link N is a self-loop. It is assumed that the processes know the label of the link through which any message is received.

Each correct process has a unique identifier, originally only known to the process itself. Up to t processes may be faulty and exhibit arbitrary behavior (these processes are named Byzantine processes); faulty processes may send messages with arbitrary content. Communication channels are assumed to be reliable.

The renaming problem can be formally defined by the following conditions:

• Validity: Each new name is an integer in the range [1, ..., M].

• Termination: Each correct process outputs a new name. 

• Uniqueness: No two correct processes output the same 
new name. 

The particular case in which the size of the target namespace 
is equal to N is called strong renaming. 

In this paper we are interested in the order-preserving 
variant of the renaming problem, which requires the following 
property: 

• Order-preservation: New names of correct processes pre- 
serve the order imposed by their original ids. 

III. Related Work 

The renaming problem was originally introduced in [2] for the asynchronous message-passing model with crash failures. The authors present a non order-preserving algorithm that solves renaming with a target namespace of size N + t and an order-preserving algorithm with a target namespace of size 2^t (N - t + 1) - 1. Both bounds on the target namespace were shown to be optimal [2], [10].

Although renaming can be solved using consensus as a building block, there are several reasons to devise algorithms specifically for solving renaming. First, consensus based solutions cannot be used in asynchronous systems subject to faults [9]. On the other hand, as shown in [2], the impossibility result does not apply to renaming (i.e., renaming is "easier" than consensus). Furthermore, in synchronous systems, consensus based solutions are viable but may be inefficient. In these settings, consensus requires Ω(t) steps [8], while renaming can be implemented in O(log N) communication steps [6]. In fact, renaming is considered the simplest non-trivial distributed computing task [6]. It is therefore no surprise that, after the seminal work of [2], a significant research effort has been placed in devising efficient algorithms for the renaming task. From this point, we limit our discussion to the results on renaming in the synchronous message passing model considered in this paper.

A strong renaming algorithm with crash faults, with optimal time complexity of O(log N), is presented in [6] and works as follows. A process chooses a new name by selecting one bit at a time, starting with the high-order bit and working down to the low-order bit. In each step the processes exchange their ids and the intervals of the new name in which they are interested, then split the ids in half, choosing 0 if their own id belongs to the first half, or 1 otherwise, and repeat the procedure. [6] also proves the lower bound of Ω(log N) for the renaming task for N > t.

A strong order-preserving renaming algorithm with logarithmic step complexity has been presented in [14], which also addresses crash faults. In this algorithm, the processes run approximate agreement (or AA) to choose their new name. Unlike in the case of exact agreement (or consensus), in AA processes start with arbitrary real values and output values within some bounded distance from each other (e.g. [7], [12]). In the AA-based renaming, processes exchange their old ids and propose a new name for each id based on its rank in the list of all identifiers they received. Due to crashes, processes may have received different sets of identifiers and therefore may propose different names for the same process. These discrepancies are later reduced by AA instances for each identifier, which bring the values within a safe distance from each other. Recently, the authors of [1] made the algorithm presented in [14] early deciding, i.e. the complexity depends on f, the number of faults that actually occurred in a given run. Thus the complexity is O(log f). Interestingly, the authors observed that the algorithm can decide in a constant number of steps if the number of actual faults is bounded by N > 2f^2. This is because in that case the approximate agreement converges in a constant number of iterations.

Byzantine renaming in message-passing systems has been addressed in [15], where the authors prove the lower bound of N > 3t on the number of Byzantine failures for the renaming problem in this model. The paper, which addresses the non order-preserving variant of the problem, adapts the automatic crash-to-Byzantine translation techniques introduced in [3], [13] to the crash-tolerant algorithm introduced in [6]. The algorithm tolerates N > 3t Byzantine failures and runs in O(log N) steps. Due to the previously highlighted limitations of the translation techniques of [3], [13], the tight target namespace of the original protocol is not preserved. Namely, because Byzantine processes can announce different identifiers that correct processes are not able to recognize as faulty, in the resulting transformed algorithm the target namespace is increased to 2N.

IV. Order-preserving Byzantine Renaming 

In this section, we present what is, to the best of our knowledge, the first order-preserving renaming algorithm with Byzantine faults. The algorithm requires N > 3t, which is optimal [15]. Semantically, our algorithm follows the structure of the order-preserving algorithm for the fail-stop model presented in [14], employing the techniques of Byzantine approximate agreement (AA) introduced in [7] with extensions that address two additional concerns. First, we limit the number of identifiers introduced by the faulty processes. Second, we ensure that, in spite of contradictory information sent by Byzantine participants, the instances of AA converge in a consistent way that will allow new names to preserve the initial ordering.

The algorithm, depicted in Alg. 1, uses two distinct phases, namely the id selection phase and the rank approximation phase, or voting. The first phase takes a constant number of steps (namely, 4 steps) to limit the number of identifiers produced by faulty nodes. At the end of this phase, each node makes an estimate of the new id for each process. However, as we will see, these estimates are not precise enough to be order-preserving. The second phase of the algorithm takes a logarithmic number of steps and runs, in parallel, multiple coordinated Byzantine-tolerant approximate agreements on those estimates. We denote each such step as a voting step. By making appropriate validations on the votes of each process, we ensure that the agreement converges to values that are order-preserving. In the following subsections we discuss each of these phases in detail.

Algorithm 1 Order-preserving Byzantine Renaming

01 Init:
02   δ := 1 + 1/(3(N + t));
   // id selection phase
03 In Step r := 1
04   broadcast((ID, my_id));
05   foreach id: (ID, id) received from a distinct link do
06     Ids := Ids ∪ {id};
07 In Step r := 2
08   foreach id ∈ Ids do
09     broadcast((ECHO, id));
10   Ids := ∅;
11   foreach id: (ECHO, id) received from at least N − t distinct links do
12     Ids := Ids ∪ {id};
13 In Step r := 3
14   foreach id ∈ Ids do
15     broadcast((READY, id));
16   Ids := ∅;
17   foreach id: (READY, id) received from at least N − t distinct links do
18     timely := timely ∪ {id};
19   foreach id: (READY, id) received from at least N − 2t distinct links and (READY, id) not broadcast do
20     Ids := Ids ∪ {id};
21 In Step r := 4
22   foreach id ∈ Ids do
23     broadcast((READY, id));
24   foreach id: (READY, id) received (in Steps 3 and 4) from at least N − t distinct links do
25     accepted := accepted ∪ {id};
26   SORT(accepted);
27   foreach id ∈ accepted do
28     ranks[id] := RANK(accepted, id) × δ;
   // rank approximation phase
29 In Step r := 5 to 3⌈log t⌉ + 7
30   votes := ∅;
31   broadcast((AA, ranks));
32   foreach (AA, R) received do
33     if ISVALID(timely, R) then
34       votes := votes ∪ {R};
35   ranks := APPROXIMATE(ranks, votes); // also updates the "accepted" set
36   if Step r = 3⌈log t⌉ + 7 then
37     return ROUND(ranks[my_id]);

A. Id Selection Phase 

This phase is implemented in Steps 1 to 4 of Alg. 1. The purpose of the id selection phase is to choose which identifiers should feed the rank approximation phase. Note that Byzantine processes can announce different ids to different peers; if their power is not constrained, the number of "fake" ids may prevent correct processes from executing correctly. On the other hand, the purpose of this phase is not to ensure that all correct processes select the exact same set of identifiers: that would be equivalent to solving consensus, which would have linear step complexity. For convenience of exposition, ids belonging to correct processes are named correct ids. All other ids are referred to as Byzantine, e.g. ids issued by Byzantine processes as their own or non-existent ids that Byzantine processes claim to have received from others.

The algorithm uses the following variables and functions: two different sets, namely timely and accepted, that are used to collect ids; the variable ranks is a sparse array where ranks[id] stores a new name for each id in the accepted set; the function SORT(set) orders the entries in set; finally, the function RANK(set, v) returns the position of value v in the ordered set set.

At the end of this phase, the following properties are ensured on the timely and accepted sets:

• timely_p at every correct process p includes all correct ids;

• accepted_p at every correct p includes at most N + t − 1 values in total;

• accepted_p at every correct p is such that

$\bigcup_{q : q \text{ is correct}} timely_q \subseteq accepted_p$,

i.e., if one value is considered timely by some correct process, this value is for sure included in the accepted set by every other correct process (but not necessarily considered timely).

In detail, this phase of the algorithm works as follows. In Step 1, each correct process broadcasts its identifier in an ID message. In Step 2, processes echo the ids they have received in the previous step (ECHO messages). Only ids that have been echoed by at least N − t distinct links are considered for the following steps. This effectively limits the number of Byzantine ids. Also, since all correct ids are echoed by the correct processes, all correct ids are taken to the next steps. Ids that satisfy the previous condition are broadcast in a READY message in Step 3, and all ids for which at least N − t READY messages have been received are added to the timely set. A process that did not broadcast READY for a given id in Step 3, but observes at least N − 2t READY messages for that id, also broadcasts READY for that id in Step 4. Then, all READY messages from Steps 3 and 4 are counted together, and all ids for which at least N − t READY messages have been received are added to the accepted set.
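To make the four steps concrete, here is an added Python simulation of the id selection phase; it is example code written for this page, not the paper's own. The process count (N = 7, t = 2), the correct ids, and the Byzantine strategy (announce one id to some receivers and another to the rest, then ECHO and READY the same id only to a subset) are constructed for the example. "Received from a distinct link" is modelled as one vote per sender index, and `check_properties` tests the three guarantees listed above.

```python
"""Added example: the 4-step id selection phase (Steps 1-4 of Alg. 1).

Processes are numbered 0..N-1; the last t are Byzantine.  "Received from a
distinct link" is modelled as one vote per sender index per id, which is
what limits the damage a Byzantine link can do.  The adversary is a table
saying what each Byzantine link sends to each correct receiver in a step.
"""
from collections import defaultdict


def run_id_selection(N, t, correct_ids, adversary):
    """Return {p: (timely, accepted)} for every correct process p.

    correct_ids: N - t distinct ids, one per correct process 0..N-t-1.
    adversary:   {step: {byz_sender: {receiver: payload}}}; the payload is a
                 single id in step 1 (ID) and a set of ids in steps 2 (ECHO),
                 3 and 4 (READY).  Unlisted pairs send nothing.
    """
    C = N - t
    byz = range(C, N)

    def byz_payload(step, b, q):
        return adversary.get(step, {}).get(b, {}).get(q)

    # Step 1: every correct process broadcasts its id (self-loop included)
    Ids = {}
    for q in range(C):
        Ids[q] = set(correct_ids)
        for b in byz:
            fake = byz_payload(1, b, q)
            if fake is not None:
                Ids[q].add(fake)

    def count_senders(step, outgoing):
        """senders[q][id] = links from which q heard id in this step;
        outgoing[p] is the set of ids a correct p broadcasts."""
        senders = {q: defaultdict(set) for q in range(C)}
        for q in range(C):
            for p in range(C):
                for id_ in outgoing[p]:
                    senders[q][id_].add(p)
            for b in byz:
                for id_ in byz_payload(step, b, q) or ():
                    senders[q][id_].add(b)
        return senders

    # Step 2: echo; keep ids echoed on at least N - t distinct links
    echo = count_senders(2, Ids)
    Ids = {q: {i for i, s in echo[q].items() if len(s) >= N - t} for q in range(C)}

    # Step 3: READY for surviving ids; timely = ids with N - t READY links
    ready = count_senders(3, Ids)
    timely = {q: {i for i, s in ready[q].items() if len(s) >= N - t} for q in range(C)}
    late = {q: {i for i, s in ready[q].items()
                if len(s) >= N - 2 * t and i not in Ids[q]} for q in range(C)}

    # Step 4: late READYs; READY links of Steps 3 and 4 are counted together
    ready4 = count_senders(4, late)
    accepted = {}
    for q in range(C):
        for id_, s in ready4[q].items():
            ready[q][id_] |= s
        accepted[q] = {i for i, s in ready[q].items() if len(s) >= N - t}
    return {q: (timely[q], accepted[q]) for q in range(C)}


def check_properties(N, t, correct_ids, result):
    """The three guarantees of the phase (Lemmas 4.1-4.3)."""
    for p, (timely_p, _) in result.items():
        if not set(correct_ids) <= timely_p:
            return False
        for q, (_, accepted_q) in result.items():
            if not timely_p <= accepted_q:
                return False
    return all(len(acc) <= N + t - 1 for _, acc in result.values())


def demo():
    """Constructed scenario: N = 7, t = 2; links 5 and 6 are Byzantine."""
    N, t = 7, 2
    correct_ids = [10, 25, 3, 42, 17]
    low, mid = {0, 1, 2}, {0, 1}
    adversary = {
        # Step 1: each Byzantine link announces a different id to two groups
        1: {5: {q: (105 if q in low else 205) for q in range(5)},
            6: {q: (106 if q in low else 206) for q in range(5)}},
        # Step 2: echo 105 to everyone, 106 only to the first group
        2: {b: {q: ({105, 106} if q in low else {105}) for q in range(5)} for b in (5, 6)},
        # Step 3: READY 105 to everyone, 106 only to two processes
        3: {b: {q: ({105, 106} if q in mid else {105}) for q in range(5)} for b in (5, 6)},
    }
    return run_id_selection(N, t, correct_ids, adversary)
```

In the constructed run, id 106 ends up timely at processes 0 and 1 only (they alone see N − t READY links in Step 3), but every correct process accepts it, because the N − 2t READY messages from processes 0, 1 and 2 trigger the Step 4 READY at processes 3 and 4. Ids 205 and 206 never reach the N − t echo threshold, so |accepted| = 7 ≤ N + t − 1 = 8 at every correct process.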

The ECHO and READY messages used here are similar to the control messages exchanged in the reliable broadcast algorithm of [4], with the difference that here the processes terminate in 4 steps, which is sufficient to guarantee the required properties for the timely and accepted sets. As mentioned previously, the reliable broadcast algorithm of [4] requires each node to know the identity of the sender. Therefore, if the ids are not known a priori and all processes are broadcasting at the same time, Byzantine participants can collude such that more than t messages issued by Byzantine nodes are delivered by the correct processes. In fact, any message received in the first step by at least N − 2t correct nodes can be delivered by a correct process. Since the t Byzantine links deliver at most t(N − t) first-step messages to correct processes in total, at most ⌊t(N − t)/(N − 2t)⌋ = t + ⌊t²/(N − 2t)⌋ Byzantine ids can reach this threshold, which is at most 2t − 1 when N > 3t. Therefore, in our id selection, the size of the accepted set at a correct process is bounded by N + t − 1. Note also that Byzantine processes may use correct ids as their own; this has no effect on the execution: since timely and accepted are sets, duplicate identifiers are discarded.

Algorithm 2 Procedure ISVALID

01 Function ISVALID(timely, ranks) returns boolean is
02   foreach id, id' ∈ timely such that id < id' do
03     if id ∉ ranks or id' ∉ ranks or ranks[id'] − ranks[id] < δ then
04       return false;
05   return true;

Algorithm 3 Procedure APPROXIMATE

01 Function APPROXIMATE(my_ranks, all_ranks) returns array of ranks is
02   new_ranks := ∅;
03   foreach id ∈ accepted do
04     votes[id] := ∅;
05     foreach R ∈ all_ranks do
06       if id ∈ R then
07         votes[id] := votes[id] ∪ {R[id]};
08   accepted := {id ∈ accepted : |votes[id]| ≥ N − t};
09   foreach id ∈ accepted do
10     for |votes[id]| + 1 to N do // fill missing votes with own (valid) vote
11       votes[id] := votes[id] ∪ {my_ranks[id]};
12     for 1 to t do // remove t extreme values on each side
13       votes[id] := votes[id] \ {MAX(votes[id])};
14       votes[id] := votes[id] \ {MIN(votes[id])};
15     SORT(votes[id]);
16     new_ranks[id] := AVG(SELECT_t(votes[id]));
17   return new_ranks;

At the end of the id selection phase, each process sorts its accepted set and assigns a new name to each of these ids (including its own), which is the rank of that id in the sorted set stretched by the factor δ = 1 + 1/(3(N + t)). This factor is large enough to prevent names from clashing due to small disagreement errors in the approximate agreement, as we explain below. The purpose of the second phase is to iteratively execute approximate agreement until the ranks calculated by each correct process are within a safe distance.

B. Approximation Phase 

The approximation phase, or voting, starts in Step 5 and takes a logarithmic number of steps to converge. This phase is based on the Byzantine-tolerant AA algorithm of [7]. The AA algorithm guarantees that, in spite of contradictory inputs from Byzantine processes, the processes output values within a bounded error. Moreover, it guarantees that the outputs are within the range of values issued by the correct processes. Unfortunately, the ranks calculated in the id selection phase may not preserve the correct ordering. As a result, the ranges of the correct inputs may overlap. Without any additional care, AA may converge to values that are not order-preserving.

The verification function depicted in Alg. 2 aims at ensuring that the approximation is performed in a way consistent with the ordering of the original ids. The function ISVALID takes as input the timely set of the local process and a ranks array received from some other process. It makes two tests to check if the votes from the remote process are consistent. First, the votes must include a vote for each id in timely (recall that if p and q are correct processes, then timely_p ⊆ accepted_q, thus any vote that does not satisfy this invariant may be discarded as faulty). Second, it ensures that the new rankings for these ids appear in the correct order, separated by the minimum safety margin of δ. Note that a Byzantine process may send different votes to different processes and both can still be considered valid. However, the presented validity conditions are sufficient to ensure that the approximation of the validated values will be done in a consistent way.

In addition to the variables and functions introduced before, the second phase of our algorithm also needs the following data structures and auxiliary functions: the variable votes is a set of ranks arrays, each received array being denoted R; the function ROUND(x) returns the integral value nearest to x; finally, the function SELECT_t(set) returns a choice of values from a set. These values are chosen to maximize the convergence rate of the approximate agreement. Later in the text we describe what is the most appropriate choice function.

In detail, each voting step works as follows. Processes exchange the values in their ranks array. Each array received from a remote process is first validated as described earlier. If the array is considered valid, it is accepted as a vote. Votes are then processed by the function APPROXIMATE, depicted in Alg. 3. In this function, each process computes a new rank for each id in the accepted set as follows. It first collects all votes received for a given id into a multiset (a multiset is a set that allows repetitions). If for some id in accepted fewer than N − t votes are received, this id is discarded (by construction, this never happens to an id that has been considered timely by some correct process). For the remaining ids, if the number of votes is less than N, the process fills the multiset by including copies of its own value (intuitively, local values are always valid). Then, the resulting multiset of N votes is sorted and the t lowest values and the t highest values are discarded. Finally, function SELECT_t is used to pick a subset of the remaining values that is averaged to compute the new vote for that id. This function returns a multiset consisting of each (it + 1)-th element of the set (which is an ordered multiset), where 0 ≤ i ≤ ⌊(N − 2t − 1)/t⌋. In other words, SELECT_t(set) returns a multiset consisting of the smallest element and each t-th element after it. This choice of SELECT_t is the same as in the approximate agreement algorithm of [7], which guarantees a convergence rate of 1/a_t, where a_t = ⌊(N − 2t − 1)/t⌋ + 1 is the number of elements returned by SELECT_t.

After the last approximation step (Step 3⌈log t⌉ + 7), the new name is chosen as the rounded value of ranks[my_id]. The stretch factor δ applied to the inputs and the validation procedure ensure that the ranks converge while preserving a distance of slightly more than 1 between the ranks of consecutive correct ids, which prevents the rounded ranks from clashing in spite of a possible approximation error.
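The following added Python code (written for this page, not taken from the paper) implements ISVALID, one APPROXIMATE step with SELECT_t, and the voting loop over exact rationals, then runs them on a constructed instance with N = 13, t = 2 (so a_t = 5): one Byzantine process sends a valid but shifted vote, the other an out-of-order vote that ISVALID rejects and that is therefore replaced by the receiver's own value. The ids, the accepted sets (which contain two fake ids in different combinations) and the votes are assumptions of the example; for brevity the timely set is taken to be the same at all correct processes, whereas Alg. 1 lets each process use its own.

```python
"""Added example: the rank approximation phase of Alg. 1 (Steps 5 onwards),
with ISVALID (Alg. 2) and APPROXIMATE (Alg. 3).  Ranks are exact rationals
so the "at least delta apart" test is never broken by float rounding."""
from fractions import Fraction
import math

# Constructed correct ids for the demo: process p owns CORRECT_IDS[p].
CORRECT_IDS = [3, 10, 17, 25, 42, 51, 60, 77, 85, 93, 99]


def make_delta(N, t):
    """Stretch factor delta = 1 + 1/(3(N + t)) of Alg. 1, Line 02."""
    return 1 + Fraction(1, 3 * (N + t))


def initial_ranks(accepted, delta):
    """Step 4, Lines 26-28: position in the sorted accepted set, times delta."""
    return {id_: (pos + 1) * delta for pos, id_ in enumerate(sorted(accepted))}


def is_valid(timely, ranks, delta):
    """Alg. 2: every timely id is ranked, in order, at least delta apart."""
    for id1 in timely:
        for id2 in timely:
            if id1 < id2 and (id1 not in ranks or id2 not in ranks
                              or ranks[id2] - ranks[id1] < delta):
                return False
    return True


def select_t(sorted_values, t):
    """SELECT_t: the smallest element and every t-th element after it."""
    return sorted_values[::t]


def approximate(my_ranks, votes_in, accepted, N, t):
    """Alg. 3 for one process: returns (new_ranks, ids that kept >= N-t votes)."""
    new_ranks, survivors = {}, set()
    for id_ in accepted:
        votes = [R[id_] for R in votes_in if id_ in R]
        if len(votes) < N - t:
            continue                                   # Line 08: drop the id
        survivors.add(id_)
        votes += [my_ranks[id_]] * (N - len(votes))    # Lines 10-11: own value
        votes.sort()
        chosen = select_t(votes[t:N - t], t)           # Lines 12-16
        new_ranks[id_] = sum(chosen) / len(chosen)
    return new_ranks, survivors


def spread(ranks_by_proc, ids):
    """Delta_r of Lemma 4.8: widest gap between correct ranks of each id."""
    return {i: max(r[i] for r in ranks_by_proc.values())
               - min(r[i] for r in ranks_by_proc.values()) for i in ids}


def run_approximation(N, t, correct, timely, byz_votes, steps):
    """correct = {p: (own_id, accepted_set)}; timely is taken as common to all
    correct processes (Alg. 1 uses each process's own); byz_votes is one
    function step -> ranks array per Byzantine process, sent to everyone.
    Returns (new name per correct process, spread before and after each step)."""
    delta = make_delta(N, t)
    ranks = {p: initial_ranks(acc, delta) for p, (_, acc) in correct.items()}
    accepted = {p: set(acc) for p, (_, acc) in correct.items()}
    history = [spread(ranks, timely)]
    for step in range(steps):
        received = list(ranks.values()) + [f(step) for f in byz_votes]
        valid = [R for R in received if is_valid(timely, R, delta)]   # Line 33
        new = {}
        for p in correct:
            new[p], accepted[p] = approximate(ranks[p], valid, accepted[p], N, t)
        ranks = new
        history.append(spread(ranks, timely))
    names = {p: math.floor(ranks[p][own] + Fraction(1, 2))           # ROUND
             for p, (own, _) in correct.items()}
    return names, history


def demo_votes(delta):
    """Constructed Byzantine votes: one valid but shifted up by 4 positions,
    one with the ranks of ids 10 and 17 swapped, which ISVALID rejects."""
    skewed = {id_: (pos + 5) * delta for pos, id_ in enumerate(CORRECT_IDS)}
    swapped = dict(skewed)
    swapped[10], swapped[17] = swapped[17], swapped[10]
    return skewed, swapped


def demo():
    """N = 13, t = 2 (a_t = 5); the accepted sets of the 11 correct processes
    contain the fake ids 12 and 30 in different combinations."""
    N, t = 13, 2
    correct = {}
    for p, own in enumerate(CORRECT_IDS):
        fakes = ({12} if p % 2 == 0 else set()) | ({30} if p % 3 == 0 else set())
        correct[p] = (own, set(CORRECT_IDS) | fakes)
    skewed, swapped = demo_votes(make_delta(N, t))
    steps = 3 * math.ceil(math.log2(t)) + 3          # Steps 5 .. 3*ceil(log t)+7
    return run_approximation(N, t, correct, set(CORRECT_IDS),
                             [lambda step: skewed, lambda step: swapped], steps)
```

Two things are worth observing in the run. The fake ids 12 and 30 receive fewer than N − t votes in the first voting step and are dropped, so after one step every correct process votes on exactly the correct ids (the situation of Lemma 5.1). The per-step spread of the correct ranks for each id shrinks by at least the factor 1/a_t of Lemma 4.8, and because every accepted vote keeps consecutive correct ids δ apart, the rounded names of the correct processes come out strictly increasing in their original ids.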

C. Correctness 

Complete proofs are provided in Appendix [A] 

We start by stating that any id in timely at some correct process is necessarily included in accepted at any other correct process.

Lemma 4.1: For any id such that id ∈ timely_p at some correct p, id ∈ accepted_q at any correct q.

The following lemma states that all correct ids are included in the timely sets of all correct processes.

Lemma 4.2: If id belongs to some correct p, then id ∈ timely_q at any correct q.

As discussed earlier, Byzantine processes can generate more than t identifiers, none of which is recognized as faulty by the correct processes. The following lemma bounds the total number of ids added into accepted by the correct processes.

Lemma 4.3: At the end of Step 4, at each correct process

$|accepted| \le N + \left\lfloor \frac{t^2}{N - 2t} \right\rfloor$.

We then show that correct processes always issue valid votes.

Lemma 4.4: For any r ≥ 5, if ranks_p and ranks_q are held by any two correct p and q in Step r, then

$\mathrm{ISVALID}(timely_p, ranks_q) = \mathrm{true}$.

Corollary 4.5: If id ∈ timely_p at some correct p, then its rank is updated in each approximation step by every correct process.

Corollary 4.6: If id < id' belong to two correct processes, then

$ranks_p[id] + \delta \le ranks_p[id']$

at any correct p in every Step r ≥ 4.

We now need to bound the maximum discrepancy in the initial ranks for the same ids.

Lemma 4.7: If id ∈ timely_p for some correct p, then at the end of Step 4,

$|ranks_p[id] - ranks_q[id]| \le \left(t + \left\lfloor \frac{t^2}{N - 2t} \right\rfloor\right) \times \delta$,

where ranks_q[id] is the rank of id at some correct q.

Now it remains to show that each approximation step of Alg. 3 reduces the distance between the ranks by the factor

$a_t = \left\lfloor \frac{N - 2t - 1}{t} \right\rfloor + 1$.

Lemma 4.8: Let id ∈ timely_p at some correct p, and Δ_r denote the maximum distance between the correct ranks for id at the beginning of Step r. Then, at the end of Step r, the distance between the new correct ranks for this id is at most Δ_r / a_t. Moreover, the new values are within the range of the old values belonging to correct processes.

We now calculate the number of iterations needed to reduce Δ_r to less than (δ − 1)/2.

Lemma 4.9: If Δ_5 < (2t − 1) × δ, then after r = 3⌈log t⌉ + 3 iterations, the range of the values belonging to all correct processes satisfies Δ_{r+4} < (δ − 1)/2.

Finally, we are ready to prove the main theorem.

Theorem 4.10: Alg. 1 implements order-preserving renaming for N > 3t with the target namespace of size N + t − 1.

Proof:

Validity. By Lemma 4.3, |accepted| ≤ N + ⌊t²/(N − 2t)⌋ ≤ N + t − 1 for N > 3t. Therefore, the initial ranks are bounded by (N + t − 1) × δ. Since by Lemma 4.8 all correct processes output a value within the interval of the initial correct values, the outputs of the correct processes are bounded by ROUND((N + t − 1) × δ) = N + t − 1.

Termination. After 3⌈log t⌉ + 7 steps, every correct process outputs a value.

Order-preserving. By Lemma 4.2 correct ids are always included in timely sets and, by Corollary 4.5, are updated in each step by every correct process. By Corollary 4.6, for any two correct id and id' such that id < id', the distance between their rankings is lower bounded by δ in every step. Since by Lemma 4.9 after 3⌈log t⌉ + 7 steps Δ_r < (δ − 1)/2, for any two correct p and q

$ranks_q[id'] \ge ranks_q[id] + \delta > ranks_p[id] - \frac{\delta - 1}{2} + \delta = ranks_p[id] + \frac{\delta + 1}{2} > ranks_p[id] + 1$.

Hence ROUND(ranks_p[id]) < ROUND(ranks_q[id']). ■

D. Complexity Analysis 

The step complexity of Alg. [T] is 3[~logf| + 7. In each 
step, the processes employ all-to-all communication. Hence, 
the total message complexity is O (iV 2 logi). Since in each 
communication the processes exchange arrays of at most 
N + t — 1 original ids and their ranks, the message size is 
bounded by O ((N + t - 1) (logN max + log N)) bits. 

V. Constant Time Renaming 

An interesting property of Alg. 1 is that it performs strong renaming, i.e. renaming with a target namespace of size N, within a constant number of steps if N > t^2 + 2t. The optimal namespace is due to the fact that Byzantine processes are not able to introduce any additional identifiers in our id selection scheme: for N > t^2 + 2t we have N − 2t > t^2, so the bound of Lemma 4.3 becomes |accepted| ≤ N. The constant step complexity is due to the fast convergence property of the Byzantine AA. A similar argument was used by the authors of [1] to prove the constant step complexity of the crash-tolerant algorithm presented in [14] when the number of crashes is bounded by N > 2t^2. This result is formalized below. Proofs are provided in Appendix B.

Lemma 5.1: For N > t^2 + 2t, Alg. 1 achieves the target namespace of size N.

Lemma 5.2: After 4 approximation steps, the values held by the correct processes are within a distance of less than

$\frac{\delta - 1}{2} = \frac{1}{6(N + t)}$.

Therefore, if we change the code of Alg. 1 to run only 4 approximation steps (Line 29), the algorithm has a complexity of 8 steps.

Theorem 5.3: Alg. 1 implements strong order-preserving renaming in O(1) steps if N > t^2 + 2t.

VI. 2-Step Renaming Algorithm 

In the previous section we have shown that Alg. 1 has constant step complexity for N > t^2 + 2t. This is an interesting result from the asymptotic point of view, especially considering that the resulting namespace is optimal. Still, from the practical point of view, the number of communication steps can still be an impairment for time constrained applications (the number of steps of Alg. 1 is exactly 8). Therefore, in this section we are interested in performing renaming in as few communication steps as possible. Interestingly, we show that order-preserving renaming in the face of Byzantine processes can be solved in just 2 communication steps in the case N > 2t^2 + t, by relaxing the target namespace to N^2. Obviously, in just 2 communication steps it is impossible to perform iterative approximate agreement. In fact, our algorithm is simply based on counting echoes that are filtered by a validity check.

Algorithm 4 2-step Order-preserving Byzantine Renaming for N > 2t^2 + t

01 Init:
02   foreach lnk ∈ {1, ..., N} do linkid[lnk] := ⊥;
03   timely := accepted := ∅;
04   forall id do counter[id] := 0; // init sparse array with zeros
05 In Step r := 1
06   broadcast((ID, my_id));
07   foreach id: (ID, id) received from a distinct link lnk do
08     linkid[lnk] := id;
09     timely := timely ∪ {id};
10 In Step r := 2
11   broadcast((MULTIECHO, timely));
   // count echoes
12   foreach ids: (MULTIECHO, ids) received from a distinct link lnk do
13     if ISVALID(lnk, ids) then
14       foreach id ∈ ids do
15         accepted := accepted ∪ {id};
16         counter[id] := counter[id] + 1;
   // compute new names
17   SORT(accepted);
18   accum_offset := 0;
19   for id := FIRST(accepted) to LAST(accepted) do
20     accum_offset := accum_offset + MIN(counter[id], N − t);
21     newid[id] := accum_offset;
22   return newid[my_id];

01 Function ISVALID(lnk, ids) returns boolean is
02   return (linkid[lnk] ≠ ⊥) ∧ (|ids| ≤ N) ∧ (|timely ∩ ids| ≥ N − t);

The algorithm is depicted in Alg. 4. The main idea of the 
algorithm is having each process initially announce its id to 
all other processes; then, echo all the ids received in the first 
step, and finally having each correct process calculate its new 
name by ordering all the received ids, and calculating offsets, 
i.e. spacings between two consecutive names, according to the 
number of echoes received for each id. Byzantine processes 
may opt not to echo the ids or even send contradictory 
information to different processes. Therefore, correct processes 
may receive different sets of ids as well as different numbers of 
echoes for each id. The key to the algorithm is to compute the 
offsets in such a way that the new names chosen by the correct 
processes will hold the order-preserving property, despite the 
potentially inconsistent input sets of echoes. 

As in the previous algorithms, Alg. 4 also uses a timely and 
an accepted set of ids. However, in this algorithm, all ids 
broadcast in Step 1 are considered timely and all ids echoed 
in Step 2 that pass a basic validity test are accepted. The 
validity test, captured by function isValid, limits the power 
of Byzantine processes as follows: first, it only accepts echo 
messages from processes that have sent their id in Step 1; then, 
it does not accept a MultiEcho message that has more than 
N ids; finally, it requires that the incoming MultiEcho has at least N − t 
ids in common with the timely set of the recipient (note that 
if the sender and recipient of a MultiEcho are correct, they 
both have at least the N − t correct processes in their timely 
set). Also, for each accepted id, the algorithm counts how 
many times that id has been echoed by all processes (again, 
correct ids are guaranteed to be echoed at least N − t times). 

After all echo messages have been processed, processes 
are ready to choose new names. The offset for each known 
id is simply the value of MIN(counter, N − t) (Line 21). 
The adjustment to N − t will guarantee that these offsets for 
the correct ids are always the same. This prevents Byzantine 
processes from introducing an additional error linear in the 
number of correct processes by choosing to echo correct ids 
for some processes but not others. Finally, the new name of the 
process is produced by summing the offsets of all ids up to, 
and including, the id of the process executing the algorithm. 
The algorithm also stores the (locally estimated) values of new 
names for other processes; this is not required in practice and 
is done here only for clarity of the proofs. 
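To make the echo counting concrete, the following Python simulation of Alg. 4 is an added example, not code from the paper. It models N = 11 processes with t = 2 Byzantine links (so N > 2t^2 + t), runs both steps for every correct process, filters echoes with the isValid test, and then checks the order-preserving property of Theorem 6.3 and the discrepancy bound of Lemma 6.1 on the resulting name tables. The link numbering, the concrete original ids and the two Byzantine strategies (equivocation in Step 1, an echo that omits correct ids and adds fake ones, and an oversized echo) are constructed for this example.

```python
"""Simulation of the 2-step echo-based renaming of Alg. 4 (constructed example)."""
from typing import Callable, Dict, Optional, Set

Ids = Set[int]


def is_valid(link_id: Optional[int], ids: Ids, timely: Ids, n: int, t: int) -> bool:
    """Validity test of Alg. 4: the echoing link announced an id in Step 1,
    the echo carries at most N ids, and at least N - t of them are timely here."""
    return link_id is not None and len(ids) <= n and len(timely & ids) >= n - t


def run_alg4(n: int, t: int, correct_ids: Dict[int, int],
             byz_step1: Callable[[int, int], Optional[int]],
             byz_step2: Callable[[int, int, Ids], Optional[Ids]]) -> Dict[int, Dict[int, int]]:
    """Execute both steps for every correct process.

    correct_ids maps a correct link index to the original id sent on it; every
    other link in range(n) is Byzantine and behaves as byz_step1 / byz_step2
    dictate (both callbacks see the receiver, so they may equivocate).
    Returns newid[p], the name table computed locally by correct process p."""
    correct = sorted(correct_ids)
    # Step 1: collect <ID, id> messages; linkid[p][lnk] is the id announced on link lnk.
    linkid: Dict[int, Dict[int, Optional[int]]] = {p: {} for p in correct}
    timely: Dict[int, Ids] = {p: set() for p in correct}
    for p in correct:
        for lnk in range(n):
            msg = correct_ids[lnk] if lnk in correct_ids else byz_step1(lnk, p)
            linkid[p][lnk] = msg
            if msg is not None:
                timely[p].add(msg)
    # Step 2: each correct process echoes its timely set; echoes are filtered by is_valid.
    result: Dict[int, Dict[int, int]] = {}
    for p in correct:
        counter: Dict[int, int] = {}
        for lnk in range(n):
            echo = timely[lnk] if lnk in correct_ids else byz_step2(lnk, p, timely[p])
            if echo is not None and is_valid(linkid[p][lnk], echo, timely[p], n, t):
                for i in echo:
                    counter[i] = counter.get(i, 0) + 1
        # accepted is exactly the key set of counter; offsets are capped at N - t (Line 21)
        accum, newid = 0, {}
        for i in sorted(counter):
            accum += min(counter[i], n - t)
            newid[i] = accum
        result[p] = newid
    return result


def order_preserved(result: Dict[int, Dict[int, int]], correct_ids: Dict[int, int]) -> bool:
    """Order-preserving property of Theorem 6.3, checked across all pairs of
    correct processes p, q and all pairs of correct ids id < id'."""
    ids = sorted(correct_ids.values())
    return all(result[p][a] < result[q][b]
               for p in result for q in result
               for a in ids for b in ids if a < b)


def max_discrepancy(result: Dict[int, Dict[int, int]], correct_ids: Dict[int, int]) -> int:
    """Largest gap between two correct processes' names for one correct id
    (Lemma 6.1 bounds it by 2t^2)."""
    return max(abs(result[p][i] - result[q][i])
               for p in result for q in result for i in correct_ids.values())


# Constructed scenario: N = 11, t = 2 (so N > 2t^2 + t); correct links 0..8 hold ids 10..90.
N, T = 11, 2
CORRECT_IDS = {lnk: (lnk + 1) * 10 for lnk in range(N - T)}


def byz_step1(lnk: int, receiver: int) -> Optional[int]:
    """Link 9 equivocates (id 5 to even receivers, 15 to odd ones); link 10 claims
    id 95 but stays silent towards process 0, so its later echo is rejected there."""
    if lnk == 9:
        return 5 if receiver % 2 == 0 else 15
    return None if receiver == 0 else 95


def byz_step2(lnk: int, receiver: int, receiver_timely: Ids) -> Optional[Ids]:
    """Link 9 drops the two smallest correct ids and adds fake ids while keeping
    <= N ids and >= N - t ids in common with the receiver (passes is_valid except
    at process 0, whose timely set is smaller); link 10 sends an oversized echo."""
    if lnk == 9:
        return (receiver_timely - {10, 20}) | {5, 15, 1000}
    return receiver_timely | {1000, 2000}


RESULT = run_alg4(N, T, CORRECT_IDS, byz_step1, byz_step2)

if __name__ == "__main__":
    for p in (0, 2):
        print(f"process {p}: {sorted(RESULT[p].items())}")
    print("order preserved:", order_preserved(RESULT, CORRECT_IDS),
          "max discrepancy:", max_discrepancy(RESULT, CORRECT_IDS))
```

Running the script prints the name tables of processes 0 and 2. Because every correct id is echoed by all N − t correct processes and the offset is capped at N − t, the offsets of correct ids are identical at every correct process; the only discrepancy between the tables (here 2, well under 2t^2 = 8) comes from the Byzantine ids 5, 15, 95 and 1000, whose echo counts differ from receiver to receiver.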

A. Correctness 

Proofs are provided in Appendix C. 

Let Δ denote the maximum possible discrepancy between 
the new names for some correct id. 

Lemma 6.1: Δ ≤ 2t^2. 

We now establish the minimum offset of any correct id. 

Lemma 6.2: Let id and id' be two correct identifiers. If 
id' < id, then newid_p[id'] + (N − t) ≤ newid_p[id] at some 
correct p. 

We are ready to prove the main theorem. 

Theorem 6.3: Alg. 4 implements order-preserving renaming 
for N > 2t^2 + t with the target namespace of size N^2. 

Proof: Validity. The total number of echoed ids accepted 
by each correct process in Step 2 is at most N^2. Therefore, 
the correct processes output an integer value within the range 
[1, ..., N^2], meaning that Alg. 4 satisfies the validity property. 

Termination. After 2 steps, every correct process outputs a 
value. 

Order-preserving. Consider two correct processes p and 
q with initial identifiers id and id', such that id < id'. By 
Lemma 6.2, newid_p[id] + N − t ≤ newid_p[id']. Since by 
Lemma 6.1 Δ ≤ 2t^2, meaning that newid_p[id'] − 2t^2 ≤ 
newid_q[id']. Since N > 2t^2 + t, 

$$\mathit{newid}_p[\mathit{id}] < \mathit{newid}_p[\mathit{id}] + N - t - 2t^2 \le \mathit{newid}_q[\mathit{id}'].$$

■ 

B. Complexity Analysis 

Alg. 4 consists of 2 communication steps. Since in each 
step, processes employ all-to-all communication, the total 
message complexity is 2N^2. In Step 2, the processes exchange 
vectors of all ids they received in Step 1. Therefore, the 
message size is bounded by O(N log N_max) bits. 



VII. Conclusions 

This paper addresses for the first time the problem of 
order-preserving renaming in synchronous systems subject to 
Byzantine faults. However, our contributions also improve 
the existing results on non-order-preserving renaming in this 
model. 

Our first algorithm performs order-preserving renaming with 
optimal fault tolerance of N > 3t, has the same time and 
message complexity as the existing crash-tolerant solution [14] 
and is more efficient than the previous (non-order-preserving) 
algorithm for the Byzantine model. Additionally, our algorithm 
presents an improvement on the namespace size compared 
to the previous result of [15] and even achieves optimal 
namespace size for N > t^2 + 2t. It remains an open question 
whether it is possible to achieve a tight namespace and optimal 
fault tolerance without using consensus. 

On the other hand, when the number of Byzantine faults 
is on the order of √N, we have shown that renaming can 
be performed in constant time both by using approximate 
agreement and with a simple echo scheme. This bound on the 
number of faults asymptotically matches the existing results 
for the crash-fault model [1]. Another open question is whether 
this bound is optimal or better fault tolerance can be achieved 
in constant time. 

Acknowledgments: The authors are thankful to Marcos K. 
Aguilera for his comments on an earlier version of this 
document. 
Appendix A 

Proof of Lemma 4.1: Assume by contradiction, id ∉ 
accepted_q at some correct q. This is only possible if q has 
not received N − t (Ready, id) messages in Steps 3 and 4. 
But if p added id into timely, it means that it has received 
at least N − t (Ready, id) messages, N − 2t of which must 
have been sent by the correct processes in Step 3 (Lines 17-18 
of Alg. 1), therefore the correct processes that have not issued 
(Ready, id) in Step 3 will do so in Step 4 (Lines 22-23). It 
means that all correct processes issue (Ready, id) by Step 4, 
which leads to a contradiction. ■ 

Proof of Lemma 4.2: Assume by contradiction, id ∉ 
timely_q for some correct q. This means that q has not received 
N − t (Ready, id) in Step 4. This is only possible if some 
correct process has not issued (Ready, id), which in turn is 
because it has not received N − t (Echo, id) in Step 2. This 
also is only possible if id was not received by some correct 
process in Step 1. However, since p is correct, p sent id to all 
correct processes in Step 1. Contradiction. ■ 

The following lemma will be used to calculate the maximum 
number of identifiers that Byzantine processes are able to 
produce. 

Lemma A.1: If id ∈ accepted_p at some correct process p, 
then at least N − 2t correct processes received id in Step 1. 

Proof of Lemma A.1: If id ∈ accepted, then p has 
received at least N − t (Ready, id) messages from which at 
least N − 2t must have been issued by the correct processes. 
From all (Ready, id) issued by the correct processes, at least 
one is sent in Step 3 (Lines 19-20). This means that some 
correct process received at least N − t (Echo, id) messages 
in Step 2, N − 2t of which must have come from the correct 
processes. ■ 

Proof of Lemma 4.3: By Lemma 4.2 all N − t correct 
ids are in timely, therefore also in accepted. It remains to 
calculate the maximum number of Byzantine ids that can be 
in accepted. By Lemma A.1 each id ∈ accepted must have 
been broadcast in Step 2 by at least N − 2t correct processes. 
This means that from the total of at most t(N − t) identifiers 
broadcast by the Byzantine processes in Step 1, 

$$\left\lfloor \frac{t(N - t)}{N - 2t} \right\rfloor = t + \left\lfloor \frac{t^2}{N - 2t} \right\rfloor$$

can be in accepted at any correct process at the 
end of Step 4. ■ 

The following lemma is auxiliary and states that if we 
construct two multisets by adding pairwise values separated 
by some given distance from each other, then after we order 
the multisets, the entries on the corresponding indexes still 
preserve this distance. 

Lemma A.2: Let U and W be two ordered multisets with 
k elements each, created by adding k pairs of elements 
a, pair(a) into U, W respectively, such that a + δ ≤ pair(a). 
Then, for any 1 ≤ i ≤ k, u_i + δ ≤ w_i. 

Proof: We first show that the inequality holds for the first 
elements in the ordered multisets, i.e. 

$$u_1 + \delta \le w_1. \qquad (1)$$

Since w_1 is the smallest in W, w_1 ≤ pair(u_1). If w_1 = 
pair(u_1), then (1) follows. If w_1 < pair(u_1), there exists 
u_i such that w_1 = pair(u_i). Since u_1 is the smallest in U, 
u_1 + δ ≤ u_i + δ ≤ w_1, as claimed. 

Now, by making pair(u_1) a new pair of u_i, the same 
argument is used to iteratively prove (1) for U = U \ {u_1} 
and W = W \ {w_1} until U and W are empty. Therefore, for 
1 ≤ i ≤ k, u_i + δ ≤ w_i, as needed. ■ 

The following lemma shows that during the approximation 
procedure, the distance between the ranks of two ids included 
in the timely set of some correct process remains at least δ. 

Lemma A.3: If for some ids id, id' ∈ timely, at the 
beginning of Step r, ranks[id] + δ ≤ ranks[id'] and 
|votes[id]|, |votes[id']| ≥ N − t, then at the end of Step r, 
ranks[id] + δ ≤ ranks[id']. 

Proof: Since id, id' ∈ timely, all votes accepted in Line 
25 must contain new ranks for both id and id' spaced by at 
least δ. Hence, |votes[id]| = |votes[id']|. 

If there are less than N entries in each set, ranks[id] and 
ranks[id'] will be added respectively such that both sets have 
exactly N entries (Lines 10-11 of Alg. 3); by assumption, the 
added values also preserve the distance of at least δ. 

Now, assume U, W are the multisets resulting from ordering 
votes[id] and votes[id'] respectively. By Lemma A.2, for any 
1 ≤ i ≤ N, u_i + δ ≤ w_i. Hence, after deleting from U and 
W the t smallest and t largest entries (Lines 13-14 of Alg. 3), it 
still holds that for 1 ≤ i ≤ N − 2t, u_i + δ ≤ w_i. The distance 
between the new values (calculated in Line 16) is given by 

$$\mathrm{AVG}(\mathrm{SELECT}_t(W)) - \mathrm{AVG}(\mathrm{SELECT}_t(U)) \ge \frac{\mathrm{SUM}(\mathrm{SELECT}_t(U)) + c\,\delta - \mathrm{SUM}(\mathrm{SELECT}_t(U))}{c} = \delta,$$

where c is the number of elements selected by SELECT_t. ■ 


Proof of Lemma 4.4: ISVALID(ranks_p, ranks_q) checks 
if the distance between the ranks of all elements in timely_p is 
at least δ. By Lemma 4.1, timely_q ⊆ accepted_p. Therefore, 
if the entries in ranks_p preserve the distance of at least δ for 
any id such that id ∈ ∪_{q : q is correct} timely_q in Step r, then 
ISVALID(ranks_p, ranks_q). 

We now show by induction on r that the distance of at least δ 
between the ranks of ids in timely_p is preserved by all correct 
processes in any Step r ≥ 5. For the base case of r = 5, 
recall that p constructs the initial ranks in such a way that all 
ranks for the accepted set are spaced by at least δ (Line 28 
of Alg. 1), therefore ISVALID(ranks_p, ranks_q) = true. 

For the induction step, assume that, for the rank held by p 
in Step r, ISVALID(ranks_p, ranks_q) = true. Therefore, for 
each element in timely each correct process will receive at 
least N − t valid votes. And since by assumption the correct 
votes are valid in Step r and by Lemma 4.2 each correct 
vote contains new ranks for all ids in timely_p, p will update 
their values in Line 35 of Alg. 1 and, by Lemma A.3, the 
new ranks calculated by each correct process at the end of 
Step r preserve the necessary distance of at least δ. Therefore, 
ISVALID(ranks_p, ranks_q) = true in r + 1. ■ 



Proof of Lemma 4.7: By assumption, id ∈ timely_p, 
therefore, by Lemma 4.1, id ∈ accepted_q. Also, by 
Lemma 4.2 all correct ids are in timely_p and timely_q 
and therefore in accepted at each correct process. Hence, 
|accepted_p ∩ accepted_q| ≥ N − t. On the other hand, by 
Lemma 4.3 all correct processes have |accepted| ≤ N + t − 1. 
Hence, the initial ranks calculated in Line 28 of Alg. 1 of each 
common element of accepted_p and accepted_q differ by at 
most (2t − 1) × δ. ■ 

Proof of Lemma 4.8: Since id ∈ timely_p, then by 
Lemma 4.4 and Corollary 4.5 votes_p[id] and votes_q[id] have 
at least N − t entries from the correct processes, therefore after 
executing Lines 12-14 of Alg. 3 both multisets have exactly 
N entries. 

Let C be the multiset of ranks of id issued by all 
correct processes in Alg. 1 in Step r. Note that C ⊆ 
votes_p[id], votes_q[id]. 

Let A, B be ordered multisets resulting from deleting t 
maximal values and t minimal values from votes_p[id] and 
votes_q[id], respectively. Let a_1 ≤ ⋯ ≤ a_c be the elements 
of SELECT_t(A) and b_1 ≤ ⋯ ≤ b_c be the elements of 
SELECT_t(B), where c is the number of elements selected. Note 
that c = σ_t. 

First, we need to show that, for 1 ≤ i ≤ c − 1, 

$$\mathrm{MAX}(a_i, b_i) \le \mathrm{MIN}(a_{i+1}, b_{i+1}). \qquad (2)$$

It suffices to show that a_i ≤ b_{i+1}; then by a symmetric ar- 
gument b_i ≤ a_{i+1}. Suppose, by contradiction, that a_i > b_{i+1}. 
There are at least t(i + 1) + 1 elements in B less than or equal 
to b_{i+1}. By our supposition, these elements are strictly less 
than a_i. However, there are at most ti elements in A strictly 
less than a_i. Therefore, at least t(i + 1) + 1 − ti = t + 1 elements 
in B are not in A. However, since |votes_p[id] ∩ votes_q[id]| ≥ 
N − t, it holds that |A ∩ B| ≥ N − t − 2t. Therefore, 

$$|B - A| = |B - (A \cap B)| \le (N - 2t) - (N - 3t) = t.$$

Hence the contradiction and (2) follows. 

We then use (2) to prove the lemma. The discrepancy 
between ranks_p[id] and ranks_q[id], which are updated in 
Line 16 of Alg. 3 at the end of Step r, is given by 

$$\begin{aligned}
&\left|\mathrm{AVG}(\mathrm{SELECT}_t(A)) - \mathrm{AVG}(\mathrm{SELECT}_t(B))\right| \\
&= \left|\frac{(a_1 + \cdots + a_c) - (b_1 + \cdots + b_c)}{c}\right| \\
&\le \frac{1}{c}\sum_{i=1}^{c} |a_i - b_i| \\
&= \frac{1}{c}\sum_{i=1}^{c} \left(\mathrm{MAX}(a_i, b_i) - \mathrm{MIN}(a_i, b_i)\right) \qquad (3)
\end{aligned}$$

where the inequality follows from the triangle inequality. 
Expanding the sum and successively applying (2), 

$$\begin{aligned}
\frac{1}{c}\sum_{i=1}^{c} \left(\mathrm{MAX}(a_i, b_i) - \mathrm{MIN}(a_i, b_i)\right)
&= \frac{1}{c}\left(\mathrm{MAX}(a_c, b_c) - \mathrm{MIN}(a_c, b_c)\right) + \frac{1}{c}\sum_{i=1}^{c-1} \left(\mathrm{MAX}(a_i, b_i) - \mathrm{MIN}(a_i, b_i)\right) \\
&\le \frac{1}{c}\left(\mathrm{MAX}(a_c, b_c) - \mathrm{MIN}(a_1, b_1)\right). \qquad (4)
\end{aligned}$$

On the other hand, since we deleted t extremal values from 
votes_p[id] and votes_q[id], it is true that MAX(a_c, b_c) ≤ 
MAX(C) and MIN(a_1, b_1) ≥ MIN(C). Therefore, the averages 
are within the interval of the input values belonging to the 
correct processes. 

Moreover, from (3) and (4), 

$$\left|\mathrm{AVG}(\mathrm{SELECT}_t(A)) - \mathrm{AVG}(\mathrm{SELECT}_t(B))\right| \le \frac{1}{c}\left(\mathrm{MAX}(C) - \mathrm{MIN}(C)\right) = \frac{1}{\sigma_t}\,\Delta_r.$$

Hence, the lemma follows. ■ 



Proof of Lemma 4.9: By successive applications of 
Lemma 4.8, after ⌈3 log(t)⌉ + 3 approximation steps the 
discrepancy Δ between the ranks held by the correct processes 
is reduced to less than 1/(6(N + t)). ■ 



Appendix B 

Proof of Lemma 5.1: By Lemma 4.3 the number of ids 
in the accepted set of any correct process is at most N + 
⌊t^2/(N − 2t)⌋ = N. Due to the stretching factor of δ = 1 + 1/(3(N + t)), 
the initial ranks are bounded by N × δ. Since by Lemma 4.8 the 
values returned by the approximation belong to the interval of 
the initial correct values, the rounded outputs will be at most 
round(N × δ) = N. ■ 

Proof of Lemma 5.2: By Lemma 4.7 the maximum dis- 
crepancy between the votes is at most (t + ⌊t^2/(N − 2t)⌋) × δ = t × δ. 
On the other hand, by Lemma 4.8 the convergence rate of each 
approximation step is at least σ_t = ⌊(N − 2t)/t⌋ + 1 ≥ ⌊t^2/t⌋ + 1 = 
t + 1. Therefore, after 4 convergence steps, the values of the 
correct processes are within 

$$\frac{t \times \delta}{(t + 1)^4} < \frac{\delta - 1}{2}.$$

■ 
Appendix C 

Proof of Lemma 6.1: For each echo message received 
in Step 2, a correct process compares the number of ids in 
common, that should be at least N − t out of N allowed 
per message (procedure isValid). Due to this sanity check, 
each Byzantine process can introduce only 2t Byzantine ids 
in an echo message: in the worst case, the Byzantine process 
includes t Byzantine ids already known to the receiver and 
some additional t arbitrary ids. Therefore, the total number of 
echoes of Byzantine ids received from the Byzantine processes 
by each correct process in Step 2, is at most 2t 

Proof of Lemma 6.2: Assume, by contradiction, that 
newid_p[id] − newid_p[id'] < N − t. This is only possible if 
counter_p[id] < N − t (Line 21). This means that, in Step 2, 
p received less than N − t echoes of id. It can only happen 
if some correct process p' did not echo id. This, in turn, is 
only possible if p' did not receive id in Step 1. But since id is 
correct, it was sent to all the processes in Step 2. Contradiction. 